Monday, June 4, 2012

How to capture a network trace on Android devices


After finding a bug, the next step for a tester is to find out whose fault it is.
Software normally interacts a lot with servers, so it is quite useful to capture the network exchanges between the software and the servers to see what is really happening behind the user interface. For Android devices, we can use Android Debug Bridge (ADB), tcpdump-arm and Wireshark to analyse network packets. First, you need to have Wireshark and ADB installed on your computer (here’s a bit of a tutorial). Then, I’ll briefly explain how to use tcpdump-arm on your Android device to capture a network trace during a use-case scenario.
1.    Download tcpdump-arm from here
2.    Open a command prompt in the directory where your ADB tools are located. Put tcpdump-arm into /data/local on your Android device with these commands:

adb remount
adb push tcpdump-arm /data/local
3.    Open a shell on the Android device and go to that directory with these commands:

adb shell
cd data/local
4.    Give tcpdump-arm execute permission.

chmod 777 tcpdump-arm
5.    We need to define on which interface we want to listen for packets. If you run the command below, you’ll see the list of interfaces registered on your device. Normally we find three interfaces: svnet0, pdp0, and l0.

./tcpdump-arm -D
6.    Since I want to capture packets coming from the data network, I choose to listen on the interface pdp0. (Still remember the famous Packet Data Protocol Context learnt at school?) I also specify the output file, which I’ll open in Wireshark later on.

./tcpdump-arm -i pdp0 -w capture.pcap
7.    FYI, the pdp0 option is available when you use the Gingerbread firmware on the Samsung Galaxy 2. When you use Ice Cream Sandwich, only two options are offered: svnet0 and l0. You can listen on svnet0, but sometimes I also try the option -s 0 to make it capture full packets, and later on I filter for what I want in Wireshark.

./tcpdump-arm -s 0 -w capture.pcap
8.    After finishing the test, press Ctrl+C to stop the capture. Move the output file capture.pcap from the device to your computer and open it in Wireshark. There you can apply whatever filter you want to find the packets of your exchange.

adb pull data/local/capture.pcap
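Before filtering in Wireshark, it helps to confirm that capture.pcap really holds full packets, which is what the -s 0 option in step 7 is for. The Python script below is an added example, not part of the original post: it reads the classic pcap headers that tcpdump writes and lists records whose stored length is shorter than the length on the wire. The function names and the sample capture bytes are constructed for illustration.

```python
import struct

# Classic pcap magic bytes -> struct byte-order prefix
MAGICS = {
    b"\xd4\xc3\xb2\xa1": "<", b"\xa1\xb2\xc3\xd4": ">",   # microsecond timestamps
    b"\x4d\x3c\xb2\xa1": "<", b"\xa1\xb2\x3c\x4d": ">",   # nanosecond timestamps
}

def truncation_report(data):
    """Summarise a classic pcap: snaplen, packet count, truncated records."""
    order = MAGICS.get(data[:4])
    if order is None or len(data) < 24:
        raise ValueError("not a classic pcap file")
    # Global header after the magic: version, timezone, sigfigs, snaplen, link type
    _maj, _min, _zone, _sig, snaplen, linktype = struct.unpack(order + "HHiIII", data[4:24])
    report = {"snaplen": snaplen, "linktype": linktype, "packets": 0,
              "truncated": [], "incomplete_tail": False}
    off = 24
    while off < len(data):
        if off + 16 > len(data):              # record header cut off
            report["incomplete_tail"] = True
            break
        # Record header: ts seconds, ts fraction, stored length, length on the wire
        _sec, _frac, incl, orig = struct.unpack(order + "IIII", data[off:off + 16])
        if off + 16 + incl > len(data):       # packet bytes cut off
            report["incomplete_tail"] = True
            break
        report["packets"] += 1
        if incl < orig:                       # snaplen clipped this packet
            report["truncated"].append((report["packets"], incl, orig))
        off += 16 + incl
    return report

def sample_capture(snaplen):
    """Constructed two-frame capture (60 and 1514 bytes on the wire), zero-filled."""
    out = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, snaplen, 1)  # link type 1 = Ethernet
    for i, orig in enumerate((60, 1514)):
        incl = min(orig, snaplen)
        out += struct.pack("<IIII", 1338800000 + i, 0, incl, orig) + bytes(incl)
    return out

if __name__ == "__main__":
    for snaplen in (68, 65535):               # constructed snaplen values
        print(snaplen, truncation_report(sample_capture(snaplen)))
```

To check a real trace, pass the bytes of the pulled file, for example `truncation_report(open("capture.pcap", "rb").read())`; a non-empty `truncated` list means those packets were clipped by the snapshot length.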
These tricks have helped me a lot to avoid blaming the developers for some faults, since they prove when the bug comes from another source. Have fun!
